package retrofit2.plus;

import android.content.Context;
import com.taobao.weex.common.Constants;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Collection;
import java.util.Iterator;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import okhttp3.OkHttpClient;

/* loaded from: classes2.dex */
public class OkHttpClientUtil {
    private OkHttpClientUtil() {
    }

    public static OkHttpClient getSSLClient(OkHttpClient okHttpClient, Context context, String str) {
        return getSSLClientByInputStream(okHttpClient, trustedCertificatesInputStream(context, str));
    }

    public static OkHttpClient getSSLClientByCertificateString(OkHttpClient okHttpClient, String str) {
        return getSSLClientByInputStream(okHttpClient, trustedCertificatesInputStreamByCertificateString(str));
    }

    private static OkHttpClient getSSLClientByInputStream(OkHttpClient okHttpClient, InputStream inputStream) {
        SSLContext sslContextForTrustedCertificates;
        return (inputStream == null || (sslContextForTrustedCertificates = sslContextForTrustedCertificates(inputStream)) == null) ? okHttpClient : okHttpClient.newBuilder().sslSocketFactory(sslContextForTrustedCertificates.getSocketFactory()).build();
    }

    private static KeyStore newEmptyKeyStore(char[] cArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load((InputStream) null, cArr);
            return keyStore;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static SSLContext sslContextForTrustedCertificates(InputStream inputStream) {
        try {
            Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(inputStream);
            if (generateCertificates.isEmpty()) {
                throw new IllegalArgumentException("expected non-empty set of trusted certificates");
            }
            char[] charArray = Constants.Value.PASSWORD.toCharArray();
            KeyStore newEmptyKeyStore = newEmptyKeyStore(charArray);
            Iterator<? extends Certificate> it = generateCertificates.iterator();
            int i = 0;
            while (it.hasNext()) {
                newEmptyKeyStore.setCertificateEntry(Integer.toString(i), it.next());
                i++;
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(newEmptyKeyStore, charArray);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(newEmptyKeyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
            return sSLContext;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static InputStream trustedCertificatesInputStream(Context context, String str) {
        try {
            return context.getAssets().open(str);
        } catch (Exception e) {
            return null;
        }
    }

    private static InputStream trustedCertificatesInputStreamByCertificateString(String str) {
        try {
            return new ByteArrayInputStream(str.getBytes("UTF-8"));
        } catch (Exception e) {
            return null;
        }
    }
}
